Research On Anonymous Network And Distributed Storage Technology In Anti-forensic

Cybercrime incidents are becoming increasingly common,and electronic evidence has gradually become an important part of the material collection process for public security agencies.This has led to the flourishing development of digital forensics technology,while also promoting the rise of anti-forensic technology research.Anti-forensic technology mainly involves data hiding and data destruction,while also combining data encryption or data compression algorithms.Traditional forensic technology extracts criminal evidence by analyzing static data,while most anti-forensic technology hides data in the data of another file using steganography.However,the use of a single technology limits the further development of both forensic and anti-forensic technologies In addition,to evade investigation and tracking of data transmission paths by forensic personnel,some antiforensic personnel use the Tor network instead of end-to-end transmission to ensure their anonymity.However,with the continuous development of network forensics technology,the security of the Tor network is increasingly threatened,which may lead to the disclosure of users’ identities and activities.The purpose of this thesis is to improve the reliability of forensic technology using antiforensic technology.However,existing anti-forensic technology has privacy leakage and data integrity issues during data storage and transmission.In this thesis,we employ anonymous network technology and distributed storage technology to solve these problems.During data transmission,we first need to ensure the anonymity of intermediate nodes and receivers,and then ensure that data traffic cannot be identified by forensic personnel,and finally ensure the confidentiality of the data during transmission.In the data storage stage,we need to ensure the confidentiality,integrity,and recoverability of the data after it has been destroyed.The main contributions of this thesis are summarized as follows:(1)A random hop anonymous network scheme is proposed to address the anonymity problem of intermediate nodes and receivers in the data transmission stage.This scheme clusters all nodes,and combines with link obfuscation,allowing data packets to be randomly forwarded to any node during transmission.Each node randomly generates traffic masking and distributes it to the receiving end or a specific node,ensuring that third parties cannot distinguish normal data packets from masking traffic when intercepting traffic.Based on the history of interaction records and transmission processes,this scheme also divides transmission targets into multiple different types of nodes,ensuring the credibility of transmission targets and entry nodes.The scheme combines symmetric and asymmetric encryption algorithms to protect the privacy of data during transmission.Theoretical analysis and experimental results indicate that this scheme can achieve reliable and secure data transmission.(2)An anonymized distributed file storage scheme is proposed to address the privacy and integrity issues of data storage in the data storage stage.This scheme replaces the original file header with a new file header,scrambles and compresses the data stream into multiple unordered data blocks stored on different devices,and blurs the relationship between file metadata and data information.In order to ensure the use of remaining data after data destruction during the anti-forensic process,this scheme engages the erasure coding technology to prevent data block loss or tampering,while saving storage costs.Security analysis and experimental analysis indicate that this scheme can effectively prevent forensic personnel from analyzing data and has good practical value.